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1  Introduction 


Modern  algebraic  techniques  have  been  used  to  design  and  decode  codes  for  error  control  as  far  back 
as  the  early  1960s  when  the  binary  BCH*  codes  [2-5]  were  discovered  independently  by  Bose  and 
Chaudhuri  and  by  Hocquenghem.  The  BCH  codes  and  their  descendents  are  popular  for  several 
reasons,  including  their  '•egular  algebraic  structure  which  permits  easy  encoding  using  simple  shift 
registers  and  the  existence  of  codes  for  a  wide  range  of  block  lengths  and  error  correction  capabilities. 

However,  the  asymptotic  performance  of  BCH  codes  is  not  “good"  [5]  in  that  the  error  probabil¬ 
ity  after  decoding  and  the  information  rate  of  the  code  are  not  simultaneously  bounded  away  from 
zero  with  increasing  block  length.  Nevertheless,  the  BCH  codes  and  their  derivatives  are  widely 
used  because  they  are  easy  to  generate,  well  understood,  and  useful  in  the  control  of  transmis¬ 
sion  errors  over  noisy  channels.  BCH  decoders,  however,  are  complex,  and  work  continues  to  find 
simpler  and  more  powerful  decoders. 

This  work  applies  recent  results  from  the  algebra  of  multivariate  polynomials  to  the  direct 
solution  of  the  syndrome  equations  of  binary  BCH  codes.  In  this  problem,  some  number  t  of 
nonlinear  polynomial  equations  must  be  solved  for  the  locations  of  the  errors. 

Following  a  review  of  the  basic  theory  of  linear  block  codes.  Section  2  presents  the  polynomial 
model  of  cyclic  codes  and  shows  how  a  BCH  code  is  specified  solely  by  a  set  of  roots  of  its  generator 
polynomial.  Section  3  reviews  popular  methods  for  decoding  BCH  codes.  Although  the  Berlekamp- 
Massey  Algorithm  (BMA)  [6,7]  is  probably  the  most  widely  discussed  in  the  literature,  we  present 
Peterson’s  algorithm  [2]  because  it  is  simpler  than  BMA  and  provides  the  paradigm  for  BM.^  as  well 
as  other  decoders.  Section  4  casts  the  problem  into  ideals  in  the  ring  of  multivariate  polynomials 
over  GF(2”').  Such  ideals  are  defined  by  the  roots  of  the  member  polynomials.  .Modern  methods 
are  used  to  solve  these  equations  directly. 

Examples  are  included. 


2  Linear  Block  Codes 

2.1  Error  Control 

A  common  method  for  controlling  errors  in  information  transmitted  over  noisy  channels  is  the  use 
of  linear  block  codes  (LBC)^.  Algebraically,  a  LBC  is  a  fc-dimensional  vectoi  subspacc  of  a  vector 
space  of  n-tuples  over  a  finite  field  and,  therefore,  has  a  basis  which  spans  the  code.  Methods  from 
linear  algebra  can  be  used  to  express  and  manipulate  the  generator  matrix,  the  rows  of  which  are 
the  basis  of  the  code.  The  dimension  k  of  the  LBC  is  smaller  than  n,  the  number  of  elements 
or  symbols  in  the  n— tuple.  This  gives  rise  to  the  existence  oi  n  —  k  redundant  symbols  in  each 
codeword.  This  redundancy  introduces  distance  between  pairs  of  codewords. 

The  sense  in  which  we  define  “nearness"  is  Hamming  distance. 

' Bose-Chaudhuri-Hoequenghem.  McEliece  [1]  present.*!  an  interesting  history  of  the  naming  of  these  codes. 

^For  a  thorough  coverage  of  this  topic,  the  reader  is  referred  to  any  of  several  excellent  texts  [1-6, 8. 9], 
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Definition;  Tlio  Hamming  distance  d//  bctweon  two  n-tiiplcs  is  the  ntimhor  of  places  in  which 
they  differ. 

Thus,  if  tr,  =  (1001110)  and  =  (  101 1010),  w’2)  =  2  as  can  he  verified  hy  inspection. 

Channel  noise  often  increa.ses  the  probability  that  the  received  word  will  be  closer  to  a  code  word 
other  than  that  which  was  transmitted.  Sufficient  code  redundancy,  however,  ran  usually  provide 
sufficient  distance  between  all  pairs  of  codewords  that  the  codeword  which  was  transmitted  can 
be  identified  correctly  in  a  large  fraction  of  cases,  even  when  noise  has  moved  it  closer  to  another 
codeword. 

Let  fc  be  the  number  of  bits  of  information  represented  by  one  codeword,  and  let  ri  be  the 
codeword  length.  An  information  block  is  repre.sented  as  follows: 

I  =  (ii, . .  .,jfc),  ij  €  GF(2),  j  =  1 . k,  k  <  n.  (1) 

Let  (7  be  a  t  X  TJ  generator  matrix,  the  rows  of  which  span  the  LBC.  Then  every  block  I  of  k 
information  bits  generates  a  distinct  codeword 

V'  =  la.  (2) 

A  convenient  model  of  the  channel  represents  noise  as  a  set  of  n  Bernoulli  trials  [10]  in  which 
the  “probability  of  success”  is  taken  as  the  probability  p  of  an  error  in  any  binary  symbol.  This 
means  that  the  n-tuple  Vp  received  at  the  noisy  channel  output  can  be  modeled  as  the  modulo  2 
vector  sum  of  the  transmitted  codeword  V  and  an  error  vector  E  =  (ei, . .  ..r„)  where  =  1  if  an 
error  occurred  in  the  position  and  0  otherwise. 

Vn  =  V  +  E  (;i) 

The  decoding  problem  is:  given  Vn,  find  V. 


2.2  Polynomials  and  Cyclic  Codes 


Using  powers  of  an  indeterminate  x  as  placeholders  permits  writing  a  polynomial  model  of  the 
LBC.  This  is  more  than  formalism,  however,  as  it  permits  code  construction  and  decoding  based 
upon  well-known  principles  of  algebra. 

Information  can  be  carried  in  the  (binary)  coefficients  of  a  polynomial  i(x): 

i{r)  =  »'{)  +  i|X -h  ••• -1- ij  €  Cr(2),  j  =  0, 1 . k-\.  (1) 

(^)deword  polynomials  are  generated  by  multiplying  i(x)  by  a  gnirralor  polgiiowini g(ji')  of  degriH' 
II  -  k: 

!l(r)  =  flu  +  i/ia-  -f  •  •  •  -f  €  Gl''(2)»  >  =  0,1 . v  -  k.  (,^) 

Coellicieiits  of  the  resulting  polynomial  r(x)  represent  the  binary  symbols  in  the  codeword: 

r(x)  ==  i(r)fi(T) 


e,,  -f  I'lX  h  •••-1  i'„_ix’'“'.  I’j  G  C•^'{2).  j  =  0,  1 


(tit 


Here,  the  code  redundancy  is  introduced  in  the  process  of  multiplication  by  g{T)  which  results  in 
the  representation  of  k  binary  information  symbols  by  n  >  k  binary  code  symbols.  Previous  notions 
of  distance  and  error  correction,  therefore,  hold  here  as  well. 

A  code  is  said  to  be  cyclic  if  every  cyclic  shift  '  very  codeword  is  also  a  codeword,  .\lgebraically. 
a  code  is  cyclic  whenever  -  1,  and  t*  codeword  length  n  is  the  smallest  integer  for  which 

.9(-r)k”  -  1  [5]. 


2.3  BCH  Codes 

The  BCH  codes  provide  a  convenient  paradigm  for  several  families  of  powerful  l.HCs  including 
Reed-Solomon  [I-6,8,9]  and  Goppa  [I]  codes.  A  binary,  primitive  BCH  code  is  a  cyclic  code  of 
length  n  =  2"*  -  1.  Its  generator  polynomial  numbers  among  its  roots  2t  consecutive  powers*  of 
a  primitive  element  q  of  the  locator  field  CiF(2'").  With  correct  decoding,  this  code  can  correct  up 
to  /  channel  errors  in  every  codeword.'* 

Example;  Let  n:  =  4  and  t  =  2.  Then  n  -  lo  and  the  roots  of  g(j)  include  o.  o*.  o-^.  and  o*. 
Because  o*®  =  1,  these  must  also  be  roots  of  g(i):  {o®,  o**,  q**}.  Hence,  the  ilegree  of  gfij) 

is  ri  -  Jfc  =  8  so  that  the  dimension  k  of  the  code  is  7.  (i.e.,  the  code  has  2'  =  128  code  words.) 
The  code  is  capable  of  correcting  at  least  t  =  2  errors  in  every  codeword,  and  the  code  rate,  k/ii 
is  0.47  information  bits  per  binary  symbol  transmitted. 


3  BCH  Decoding 


Of  course  correcting  /  errors  in  a  codeword  of  length  n  implies  a  decoding  procedure  that  achieves 
this  error  correcting  potential.  A  trivial  but  completely  correct  decoding  technique  is  to  construct 
a  table  of  every  binary  n-tuple  and  the  codeword  into  which  it  is  to  be  decoded.  For  a  cliannel 
imposing  independent  errors  on  the  symbols  of  a  codeword,  the  rule  for  constructing  this  table  is 
to  decode  an  n-tuple  into  the  nearest  codeword'*. 

However,  table  lookup  decoding  is  feasible  only  for  rather  small  codes.  The  power  of  modern 
computers  is  quickly  exhausted  for  codeword  lengths  of  .several  thousand  bits  and  hundreds  of 
errors  per  word.  Therefore,  we  continue  to  .search  for  algorithmic,  algebraic  decoders  which  are 
much  faster  and  demand  much  less  storag".  Many  algebraic  decoders  will  correct  every  error  pattern 
of  t  or  fewer  errors  but  no  more,  even  though  the  code  may  correct  some  patterns  of  more  than  t 
errors.  Nevertheless,  the  number  of  such  error  patterns  is  usually  sufficiently  small  that  it  does  not 
affect  the  overall  decoding  error  probability  significantly. 

^The  nonzero  powers  o°,  o' ....  .  of  a  primitive  element  of  GFC^”* )  are  the  distinct  nonzero  elements  of  that 

field. 

*In  order  that  the  codewords  be  binary,  it  is  ncces.sary.  for  every  root  of  j(r),  that  all  conjugates  .f*'.  .  } 

be  roots  of  g(i)  as  well  [6]  . 

^Because  this  is  a  mtntmum  distance  decoding  technique,  no  other  decoder  can  correct  more  errors  on  a  memory  less 
channel. 
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3.1  Peterson’s  Decoder 


Let  r(r)  represent  the  received  vector  when  t-error  correcting  BCH  codeword  v{x)  is  transmitted 
over  a  channel  corrupted  by  additive  noise: 

r(a:)  =  t)(i)  +  e(i).  (7) 

f(i)  is  the  error  polynomial:  Cj  =  1  if  an  error  occurred  in  the  position  and  0  otherwise. 
The  paradigm  for  many  useful  decoders  of  this  code  is  Peterson’s  decoder  [2],  which  implements  a 
four-step  decoding  procedure: 


•  calculate  syndromes,  functions  of  the  coefTcients  of  r(x); 

•  calculate  coefTicients  of  the  error  locator  polynomial; 

•  solve  the  error  locator  polynomial  for  the  locations,  in  the  received  word,  of  the  errors;  and 

•  (for  nonbinary  codes)  calculate  the  error  values. 


3.1.1  The  Syndromes 

Consider  the  channel  output,  r(i)  as  given  by  (7).  The  2<  syndrome  values  arc  obtained  by 
substituting  the  2<  consecutive  roots  of  the  generator  polynomial  into  the  received  polynomial: 

Sj  =  r(ft^)  =  g{a^)  +  e(o^)  =  e(o^),  j  =  1 . 2t.  (8) 

Writing  only  those  coefficients  Cj  which  are  not  zero  leads  to  the  following  form  of  the  2/  syndrome 
equations: 


Ci^  o"  -f-  +  •  • .  +  c„o''  =  5, 

c„ n^'*  -f  -f  •  •  •  -f  e,,©’"  =  52 

+  e,jO**'* -f  •  •  • -f  =  5|.  (9) 

Note  the  following: 

(a)  The  indices  {I'l,  t2, .  • .}  in  (9)  are  the  coordinates  of  the  nonzero  elements  (and  hence,  of  the 
errors)  in  the  error  vector.  It  is  convenient,  therefore,  to  write  Xj  ^  o*i.  The  va]ue.s  of  the  o*j  are 
called  the  error  locators  oi  the  received  word. 

(b)  In  any  field  Gr(2”')  of  characteristic  two,  (n  +  6)*  =  n*  +  6*  (11],  Therefore,  in  (9),  every 
syndrome  computed  from  even  powers  of  n  Is  an  even  power  of  some  syndrome  computer!  from 
odd  powers  of  a;  c.g.,  S-j  =  Sf.  These  are  redundant  and  do  not  contribute  to  solving  for  the  error 
locators. 


•t 


(c)  In  (9),  e^^  —  I,  j  =  and  need  not  be  explicitly  written.  The  syndromes 

{5j,  j  =  are  known  (computed)  elements  of  GF(2"’)  and  can  be  expressed  as  powers 

of  q;  t.e.,  5<,  =  q^”  . 

Considering  (a),  (b),  and  (c)  with  (9)  gives  a  system  of  t  polynomial  equations,  the  solutions 
to  which  are  the  error  locators  of  the  received  word: 

S 1  =  a-”  =  Ai  +  A2  +  -‘‘  +  At 
53  =  Q-J"  =  Ai^  +  A'2^  +  ---  +  A't^ 

52,-1  =  =  A,2'-i  +  aV'-> +  ■••  + A',2‘-i.  (10) 


3.1.2  The  Error  Locator  Polynomial 

Derivation  of  (10)  ®  assumed  that  no  more  than  t  errors  occured  in  a  block  of  length  n.  An  error 
locator  polynomial  is  derived  from  these  functions. 

Definition;  The  error  locator  polynomial  a(x)  is  the  (univariate)  polynomial,  all  the  roots  of 
which  indicate  the  locations  of  errors  in  a  received  word: 

I 

cT[x)  = 

«=i 

=  x' +  +  •  •  •  +  CT,.  (11) 

It  is  easy  to  see  that  the  coefficients  are  functions  of  the  elementary  symmetric  functions  of  the 
roots  (  le  error  locators): 


=  EA'. 

f 

02 

•<J 

II 

M 

i<J<k 

=  A  1  A'2  . . . 

Since  or(x)  is  satisfied  by  the  error  locators,  (11)  becomes 

A*  +  (7iA*  ^  <T2X*  ^  CTf  =  0. 


(12) 


(13) 

(14) 


(15) 


Peterson’s  method  uses  the  syndrome  relations  to  construct  a  set  of  linear  equations  in  the 
This  set  can  be  solved  for  these  coefficients.  Multiplying  (15)  by  A'/  for  any  j  gives 


A''+^  +  a,  A'+^-'  +  er2Xl+^-^  +  •  •  •  +  rr.A'/  =  0. 

®The  reader  should  recognize  these  a.s  a  set  of  power-sum  symmetric  functions  [ll]. 


(16) 
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Summing  over  t  and  substituting  Sj  =  5Z*=i  A'/  gives 

St+J  +  +  <T2-S(+j-2  +  •  ■  •  +  CftSj  =  0.  (  1  (  ) 

These  Newton’s  Identities  [11]  generate  linear  systems  of  equations  for  the  {<7^},  one  system  for 
each  value  of  t.  For  t  =  1, 

S2  (J\Si  =0, 

and  for  t  =  2, 

S3  +  S^f^l  +  •?1<72+  =  0. 

These  are  recursively  solved  for  the  coefficients,  yielding  (15)  explicitly. 


3.1.3  Solving  the  Error  Locator  Polynomial 

Decoding  is  complete  when  the  roots  of  <7(x)  are  found  and  the  necessary  corrections  made  to  r{x). 
The  Chien  search  [8]  is  a  method  for  doing  this  without  explicitly  solving  o(t).  This  method  uses  a 
digital  circuit  which  evaluates  <t(i)  at  each  member  a-*  of  GF{2”*)  and  sets  a  correction  bit  to  unity 
if  (t(x)  is  satisfied.  The  received  polynomial  r(x)  is  clocked  through  the  circuit  and  the  correction 
bit  is  added  modulo  2  at  the  appropriate  location.  Therefore,  whenever  a  root  of  fr(x)  is  found, 
the  appropriate  received  symbol  is  complemented. 

The  Chien  search  will  be  required  in  implementing  the  direct  solution  methods  discussed  below. 


3.2  Related  Methods  of  Finding  the  Error  Locator  Polynomial 

For  more  than  approximately  six  errors  per  codeword,  Peterson’s  method  requires  a  number  of  finite 
field  multiplications  which  grows  with  the  square  of  t.  Berlekamp  [6]  produced  an  iterative  method 
for  finding  the  coefficients  that  grows  only  linearly  with  t;  Massey  [7]  improved  Berlekamp’s  method 
(producing  the  BMA),  showing  that  it  is  equivalent  to  synthesizing  the  shortest  linear  feedback  shift 
register  that  can  generate  the  sequence  of  syndrome  values.  The  methods  are  similar  and  can  be 
studied  in  the  references. 


4  Direct  Solution  Techniques 

The  objective  is  to  find  a  solution  set  to  (10): 

=  A1  +  A2  + - l-At 

=  A 1  ^  +  A  2^  +  •  •  •  +  A 

+  AV'~*  +  •  •  •  +  (18) 
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where  a  is  a  primitive  element  in  GF(2'").  Assume  that  the  number  of  errors  in  a  received  word 
does  not  exceed  f .  Then  (18)  is  a  system  F  of  t  independent  equations  with  at  most  t  solutions. 
Hence,  F  is  a  system  of  t  polynomials  in  t  unknowns  and  has  one  unique  solution,  /3  =  (/3i . 

4.1  Rings  and  Ideals 

Direct  solution  techniques  of  (18)  attempt  to  exploit  the  rich  algebraic  structure  of  the  ring  R  = 
A'[X]  =  A'[A''i,  A'2, . . . ,  A't]  of  polynomials  in  t  variables  over  K  -  GF(2'")  [11],  A  subset  2  of  a 
ring  is  called  an  ideal  if  it  is  a  subgroup  of  the  additive  group  of  the  ring  and  if,  for  every  i  €  2  and 
every  r  £  R,  both  ir  and  ri  belong  to  2.  Hilbert’s  Basis  Theorem  [12]  requires  that  every  ideal  in 
A’[X]  have  a  finite  basis. 

Consider  F  to  be  a  subset  of  the  ring  A'[X].  The  set  2(F)  spanned  by  members  of  F  (where 
coefficients  are  taken  from  K[X])  is  an  ideal  in  A'fXj: 

2(F)  ^  (F)  C  A-[X].  (19) 

The  common  zeros  of  the  polynomials  of  F  are  said  to  form  an  algebraic  manifold,  [12]  which 
is  “defined  by”  those  polynomials.  Thus,  all  points  of  the  manifold  satisfy  every  polynomial  in 
2(F).  Direct  solution  techniques  involve  searching  2(F)  for  another  set  G  of  polynomials  which 
span  2(F)  and  which  are  simpler  to  solve  than  those  in  F.  Hence,  new  methods  for  finding  bases 
of  ideals  in  A'[X]  bear  on  the  decoding  problem. 

4.2  A  Basis  for  I{F) 

The  objective  now  is  to  find  for  2(F)  a  basis  G  which  is  “easily”  solved  for  the  underlying  roots. 

The  basis  G  is  obtained  from  the  defining  polynomial  set  F  by  applying  transformations  which 
do  not  eliminate  any  roots  of  the  system.  An  example  illustrates  the  transformations: 

Example:  Suppose  set  F  is: 

fi  :  Xi  +  X2  —  0 

/z:  A'f  +  Af  +  a*'  =  0,  (20) 

and  suppose  that  it  is  known  that  this  system  has  the  solution  (/3i,/32)  €  GF(2”‘)^.  Then 

y(X)  =  a,(X)/,(X)  +  a2(X)/2(X)  (21) 

is  satisfied  by  (A,/?2)  as  well^. 

^If  the  number  of  errors  exceeds  t,  such  a  decoder  is  likely  to  exhibit  decoding  Jailure.  That  is,  it  may  return  an 
incorrect  result. 

*Actually,  the  rigorously  correct  statement  is  that  all  zeros  of  the  system  are  “equivalent”  and  “mapped  on  one 
another  by  an  isomorphism  which  leaves  fixed  the  elements  of  the  ground  field...”  [12] 

®Of  course,  if  ai(X)  and  a2(X)  have  a  common  factor,  yfX)  may  have  an  additional  root  that  does  not  satisfy  /i 
or  /2,  but  this  case  is  of  no  interest. 
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If  a2(X)  =  1  and 


a,(X)  =  .V?  +  X,(A'2  +  +  (A'2  +  o^)^ 


(•22) 


then 

y(X)  =  A'jV  +  A'za^J  +  a'^J  +  (23) 

and  this  system  has  been  reduced  from  two  equations  (a  cubic  and  a  linear)  to  a  single,  univariate 
second  degree  equation  having  the  same  solution  (/?i,/?2)  as  the  original  system.  We  say  that  the 
cubic  has  been  reduced  modulo  F  to  y(X). 


The  algorithm  for  deriving  the  desired  ideal  basis  G  is  based  upon  such  reduction  operations 
and  produces  a  reduced  Grobner  basis  [13]  of  the  ideal  spanned  by  F.  A  reduced  Grobner  G  basis  is 
a  basis  of  the  ideal,  each  member  of  which  has  coefficient  of  highest  order  term  =  1  and  no  element 
of  which  can  be  reduced  modulo  G.  It  is  known  [13]  that  a  reduced  Grobner  basis  for  I{F)  can  be 
written  in  triangularized  form: 


g\  =  ffi(A'i) 

92  =  92(Xi,A'2) 

9t  -  A2,  •  •  •,  A<). 


(24) 


This  form  suggests  a  recursive  root  finding  technique.  However,  the  following  lemma  forms  the 
bases  for  our  direct  method  of  finding  the  BCH  error  locator  polynomial  [14]. 


Lemma  1  </i(ii)  is,  within  a  multiplicative  constant,  the  error  locator  polynomial  a(x)  of  the  BCH 
code. 

Proof:  Every  element  of  /  has  among  its  roots  the  set  {/?,}  of  roots  which  defines  the  original 
spanning  set  F.  Reducing  F  to  G  neither  adds  nor  subtracts  roots  to/from  any  polynomial. 
Therefore,  cr(a:)  and  .91(1)  are  products  of  the  same  factors  {(x,  —  0,)}  and,  hence,  differ  by  no 
more  than  a  n.ultiplicative  constant,  q.e.d. 


4.3  Grobner  Bases  as  a  Basis  for  Decoding 


Descriptions  of  the  general  form  of  Buchberger’s  algorithm  for  finding  the  Grobner  basis  of  an  ideal 
2{F)  run  for  many  pages  [13].  We  include  a  succinct  tutorial  exposition  of  the  algorithm  in  the 
Appendix.  The  example  below  illustrates  the  use  of  the  algorithm: 

Example:  This  is  a  general  form  of  the  problem.  Taking  K  to  be  GF(2‘^)  and  t  =  3  results  in 
a  3-error  correcting  code  with  block  length  n  =  2^  —  1,  dimension  k  =  5,  and  32  code  words.  In 
general,  the  decoder  produces  these  non-redundant  syndromes: 


Ai+A2  +  A3  +  a*  — 
A'f -f- A'f  +  A'l  +  a-'  = 
A 1  +  A  2  +  A3  +  o*'  = 
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0 

0 

0. 


(25) 


Define  three  intermediate  polynomials, 


MX)  =  x:  vi(A'2+x,+fl*)2-^ 

]=o 

P2(X)  =  ^A'i(A'2  +  A', 

1=0 

P3(X)  =  A'|  +  A2A', +  A2a‘  + A7  +  X,a‘  +  a2',  (26) 

and  from  these  produce  three  “coefficient”  polynomials: 


ai(X)  = 

PiP3(A’i  -b  a*)  -b  P2(A'i  -b  o')  -b  P\{a^  +  a^') 

MX)  = 

P3(A'i  -b  a‘)  -b  a-'  +  a®' 

a3(X)  = 

Ai-ba‘. 

(27 

Substitute  the  pi  into  the  aj  to  get 

ai(X)  =  A'l  A'a^  +  a’A'a^  +  AiA'2A'|  +  a'X2X^  +  A?A|  +  a^'Af  +  A'2A2A'| 

W'X2Xi  +  a'X^Xi  +  a^'A'iA'I  +  a^Xi  +  a^'A'I  +  A'^Xj^A'a  +  a^'X^X^ 
+A?A'2A'3  +  a^X2X3  +  a'XfXa  +  a^A'iA'a  +  a^+’A'a  +  a^'A'a  +  XfX^ 
+a'^'X^  +  a'A'^A'I  +  a^'XiX^  +  a-'A'|  +  a^’A'I  +  A'/A2  +  a'‘'A2 
+a'Xt  +  a^'A'f  +  a^A?  +  a^'A',  +  a-'+2'  +  a^' 
a2(X)  =  A'l  X^  +  a*  A'l  +  A^A'a  +  a^' A2  +  A?  +  a^. 

This  yields  a  univariate  polynomial  which  we  recognize  ais  the  error  locator  polynomial; 


ct(A3)  =  53a,(X)/,(X) 


i/=i 


=  A|(aJ  +  a^*)  +  A|(a‘+-'  +  q^’)  +  A3(a^  +  q2'+^  ) 

+q‘+''  +  +  tt^‘+-'  +  Q®’. 


(28) 


Finding  <r(A)  solves  the  decoding  problem. 


5  Conclusion 


Mathematically,  we  have  shown  a  decoder  that  computes  a  set  of  syndrome  values  which  are  func¬ 
tions  of  the  roots  of  the  code’s  generator  polynomial  and  of  the  error  locations.  These  syndromes 
are  the  constant  terms  of  a  system  of  nonlinear  polynomiaJs.  We  have  presented  a  method  for  ex¬ 
tracting  from  that  system  the  error  locator  polynomial,  one  which  is  satisfied  by  the  error  locations 
expressed  as  elements  of  GF(2'").  The  coefficients  of  the  error  locator  polynomial  are  functions  of 
the  syndrome  values  only.  Thus,  the  decoder  need  do  only  two  things:  compute  syndromes  and 
coefficients. 

This  class  of  decoder  is  interesting  because  of  the  promise  of  noniterative  decoding  of  BCH  and 
BCH-like  codes.’®  Of  course,  an  efficient  version  of  Buchberger’s  algorithm,  tailored  to  systems 

'°Of  special,  near-term  importance  to  system  designers  is  the  possibility  of  improved  decoders  for  Reed-Solomon 
codes,  powerful  codes  already  used  in  many  high  performance  systems. 
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of  equations  such  as  (10),  is  required  but  not  yet  in  hand.  Once  this  hurdle  is  overcome,  we 
envision  several  possibilities.  One  is  to  incorporate  a  version  of  Buchberger’s  algorithm  into  a 
decoder.  Another  is  to  solve  Buchberger's  algorithm  for  a  large  family  of  codes,  e.\pressing  the  error 
locator  polynomials  in  terms  of  the  syndrome  values  alone.  These  could  easily  be  programmed  into 
hardware  to  produce  a  fast  decoder. 
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Appendix 


Buchberger’s  Grobner  Basis  Algorithm 


What  follows  is  a  tutorial  exposition  of  Buchberger’s  algorithm  for  finding  a  Grobner  basis  of  an 
ideal  in  the  ring  of  multivariate  polynomials  [13,15].  Such  an  ideal  is  of  interest  here  when  it  is 
defined  by  an  algebraic  manifold  of  roots  of  every  member. 


A  Preliminaries 

A.l  Notation 


(0  =  - >im)  t-9) 

V(')  —  V*'  V‘2  V‘"’ 

A  —  .A  j  ,  2  ,  •  •  •  <  m 

A. 2  Ordering 

In  what  follows,  we  shall  req,^l;o  that  an  ordering  be  defined  on  the  multivariate  monomials.  The 
order  of  a  multivariate  polynomial  is  the  analog  of  the  degree  of  a  univariate  polynomial. 

Let  Til  be  a  transitive  ordering  on  the  monomials. 

aTZbnbTZc=>aTZc.  (30) 

(Read  TZ  as  “precedes”  or  as  “is  less  than.”)  We  require  the  following  of  TZ: 

•  1  TZ  V  (0 

•  A'(‘)  TZ  A'(J)  A'(')+(M  TZ  a'0)+(M 

Any  admissible  ordering  can  be  used."  Two  examples  follow. 


1.  The  /exjcograpAicordering  defines  an  order  on  the  individual  symbols,  so  that,  e.g.,  A’l  TZ  A'2  TZ  ■  ■ 
(Some  authors  write  A'l  <  A'2  <  ■  •  •)•  this  case,  A^j^A'^  TZ  A'l  A'f . 

2.  For  the  product  ordering  P,  monomials  are  ordered  according  to  the  exponents  of  every 
symbol,  A'_,.  Therefore,  A'J' A'2^  TZ  A'^'A’j^  iff  t\  <  j\  and  12  <  h- 

We  shall  need  the  concept  of  supremum  (sup)  or  least  upper  bound.  With  an  ordering  defined  on 
the  monomials,  sup  is  defined  exactly  as  in  mathematical  analysis.  It  is  the  maximum  over  a  set 

"An  ordering  is  said  to  be  admissible  if  1  71  A'  and  A'  Tl  Y  imply  XU  H  YU . 
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with  respect  to  the  ordering  defined  on  that  set.  If  there  is  no  maximum  (e.g.,  if  two  or  more 
elements  in  the  set  are  tied  for  largest  according  to  the  ordering),  the  smallest  monomial  larger 
than  either  is  the  sup  over  the  set.  For  each  of  the  example  orderings,  we  give  the  supremum.  For 
the  lexicographic  ordering, 

supiXlXl,  A'lAt)  =  A'j^A'I;  (31 ) 


for  the  product  ordering, 


sup(A?.Vf,A,A'f)  =  X^Wl 


(32) 


A. 3  Derivation  of  5po/(/,,/j) 

Definition:  Ht€rm(f)  =  the  maximal  monomial  or  head  term  of  /(X)  with  respect  to  Tv.  If 
/  =  /(,)A'('(  +  /  then  Hterm{f)  =  A'('(. 


For  two  polynomials  f,  h  ^  ^[X]  define 

SUP[J,h)  =  sup{  ierm{f),  Htenn{h)).  (33) 


Then  express  each  polynomial  explicitly  as  the  sum  of  its  head  term  (multiplied  by  the  appropriate 
scalar  coefficient)  and  the  rest  of  the  polynomial. 


h  =  h^i)Hterm(h)  +  h 


and  define 

,  SVPU.h),  ,  SVPil.h) 

spoiu.k)  =  ft) 

It  is  easy  to  see  that  Spol{f,h)  has  order  less  than  that  of  either  /  or  h. 


(34) 


(35) 


A. 4  Reduction  Modulo  F 

Let  F  =  {/j,  £  A'[A'i, ...,  A'm],  j  =  1, ...  ,r}.  For  each  write 

fj  =  PjHterm(fj)  +  fj.  (36) 


Select  some  h  £  A'[X]  such  that  at  least  one  Hterm{Fj)  appears  in  h\  i.e., 

h  = - 1-  J(i)Ht€Tm{fi)  +  •  •  • 

Now  form 

=  /p)A'^'^  +  other  terms. 

Finally,  write 


(37) 

(38) 

(39) 
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Now,  h'  no  longer  contains  a  monomial  in  A'l'*,  and  we  say  that  h  is  reduced  to  h'  modulo  /"[idjor 
that  h'  is  an  F  -  derivative  of  /i[15]. 

Repeated  application  of  reduction  or  derivation  to  h  eventually,  and  in  a  finite  number  of  steps 
[16],  produces  a  polynomial  which  cannot  be  reduced  further  modulo  F. 


B  The  Grobner  Basis  Algorithm 


Let  F  =  {/i, /a, . . . , /m }  be  any  basis  of  an  ideal  I  in  the  ring  of  multivariate  polynomials  over 
GF((7).  The  following  algorithm  produces  a  Grobner  basis. 

1.  From  F,  select  a  pair  (/,,/j)  of  polynomials  not  previously  chosen. 

2.  Compute  Svol(f,,  fj).  By  the  process  defined  above,  reduce  Spot  to  a  polynomial  f,j  which 
is  F-irreducible. 

3.  If  fij  —  0  go  to  1.  Otherwise,  add  to  the  basis,  then  go  to  1. 

4.  The  algorithm,  when  it  terminates  (which  it  has  been  shown  to  do  [13.15]).  will  have  produced 

a  GB  =  for  the  ideal  spanned  by  F.  By  construction  Spol(g,.gj)  =  0  '^g,.gj  6  GB. 

It  is  well-known  [13,15]  that  the  existence  of  GB  can  always  infer  a  reduced  GB  of  the  ideal. 
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(Lnci*ss  only)]  Commandant 

U.S.  Army  Infantry  School 
ATTN;  ATSH-WCB-O 
Fort  Benning,  GA  31905-50(X) 

1  WL/MNOI 

Eglin  AFB,  FL  32542-5000 


Dir,  USAMSAA 
ATTN;  AMXSY-D 

AMXSY-MP,  H.  Cohen 

Cdr,  USATECOM 
ATTN:  AMSTE-TC 

Dir,  ERDEC 
ATTN:  SCBRD-RT 

Cdr,  CBDA 
ATTN:  AMSCB-CIl 

Dir,  USARL 
ATTN:  AMSRL-SL-I 


Dir,  USARL 

ATTN:  AMSRL-OP-CI-B  (Tech  Lib) 
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No.  of 

Copies  Oruani/jtion 

4  Commander 

U.S.  Army  CECOM 
ArnS:  AMSEL-RD-C3-AC,  Paul  Sa.ss 
ST-LA-L,  Charles  Graff 
ST-C,  Dr.  Felix  Schwering 
ST-MC-M,  Dr.  Haim  Soieher 
Fori  Monmouth,  NJ  07703 

2  Director 

U.S.  Army  Research  Office 
ATTN:  AMXRO-EL,  Dr.  W.  Sander 

AMXRO-MA,  Dr.  G.  Anderson 
P.O.  Box  12211 

Research  Triangle  Park.  NC  22709-221 1 
1  Commander 

U.S.  Army  Cenlcr  for  Signals  Research 
ATTN:  AMSEL-SW,  S.  Rhodes 
Vint  Hill  Farm  Station 
Warrenton,  VA  22186-5100 

1  Commander 

U.S.  Army  Research,  Development, 
and  Standardization  Group 
United  Kingdom 
USARDSG  (UK)  Box  65 
FPO  New  York  09510 

1  Commander 

U.S.  Army  Research,  Development, 
and  Siandardi/.alion  Group 
Australia  APO,  SF  96404 

1  Commandant 

U.S.  Military  Academy 
West  Point,  NY  10996 

1  Commandant 

U.S.  Naval  Academy 
Annapolis,  MD  21404 

1  Commandant 

U.S.  Air  Force  Academy 
Colorado  Springs,  CO  80840 

1  Director 

Naval  Rc-scarch  Laboratory 
ATTN:  Code  7521, 

Dr.  J.  E.  Wicscithicr 
Washington,  DC  20375-50(X) 


No.  of 

Copies  Organization 

1  California  Insuiuic  of  Technology 

Dcparuncni  of  Electrical  Engineering 
ATTN:  Prof  Rtxl  Goodman 
Pasadena,  C A  91125 

1  Georgia  Institute  of  Technology 

Coding  and  Infonnation  Theory  Laboratory 
School  of  Electrical  Engineering 
ATTN:  Prof  Stephen  B.  Wicker 
Atlanta,  GA  30332-0250 

3  The  Johns  Hopkins  University 

Dcparuncni  of  Electrical  and 
Computer  Engineering 
ATTN:  Prof  Brian  Hughes 
Prof  Oliver  Collins 
Prof  Willis  C.  Gore 
Baltimore,  MD  21218 

2  Cornell  University 
Department  of  Mathematics 
ATTN:  Prof  Mike  Stillman 

Prof  Moss  Swccdlcr 
Ithaca,  NY  14853 

1  Cornell  University 

School  of  Electrical  Engineering 
ATTN:  Prof  Chris  Hccgard 
Ithaca,  NY  14853 

3  University  of  Delaware 
Department  of  Computer  and 

Information  Sciences 
ATTN;  Prof  B.  Cavincss 
Prof  D.  Saunders 
Prof  D.  Wood 
Newark,  DE  19716 

1  Prof  Charles  T.  Rcucr 

18  Ridgefield  Drive 
Framingham,  MA  01701 

1  Texas  A  &  M  University 

Department  of  Mathematics 
ATTN:  Prof  Peter  Stiller 
College  Station,  TX  77843-3368 
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No.  of 

Conics  Organization 

1  Director 

Army  Research  Office 

ATTN:  AMXRO-MCS,  Mr.  K.  Clark 

P.O.  Box  12211 

Research  Triangle  Park.  NC  27709-2211 

1  Director 

Army  Research  Office 

ATTN:  AMXRO-RT-IP,  Library  Services 

P.O.  Box  12211 

Research  Triangle  Park,  NC  27709-2211 

3  University  of  Virginia 

Department  of  Electrical  Engineering 
ATTN:  Prof.  Stephen  G.  Wilson 
Prof.  Demetrios  Kazakos 
Prof.  P.  Papantoni-Kazakos 
Charlottesville,  VA  22901 


No.  of 

Copies  Organization 

Aberdeen  Proving  Ground 
20  Dir,  USARL 

ATTN:  AMSRL-Cl,  Mr.  W.  Mermagen 

AMSRL-Cl-C,  Dr.  W.  Slurek 

AMSRL-Cl-CB,  Mr.  Richard  Kaste 

AMSRL-CI-CC, 

Mr.  B.  Reichard 
Dr.  P.  Broome 
Dr.  S.  Chamberlain 
Mr.  G.  Hartwig 
Ms.  B.  Broome 
Mr.  H.  Caton 
Mr.  A.  Downs 
Ms.  A.  Brodeen 
Mr.  D.  Gwyn 
Ms.  M.  Lopez 
Mr.  F.  Brundick 

AMSRL-Cl-S,  Ms.  V.  Kaste 

AMSRL-Cl-AC,  Mr.  P.  Dykstra 

AMSRL-SS-SC,  Ms.  S.  Stratton 

AMSRL-SS-IC,  Dr.  P.  Emmerman 

AMSRL-SL-BV,  Mr.  E.  Davisson 

AMSRL-WT-WB,  Mr.  R.  McGee 
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University  of  Wales  at  Bangor 
School  of  Electronic 
Engineering  Science 
ATTN:  Prof  John  O’Reilly 
Dean  Street,  Bangor, 

Gwynedd  LL57  lUT 
UK 

The  University 
Department  of  Electrical 
Engineering 

ATTN;  Prof  P.  G.  Farrell 
Manchester  ML3  9PL 
UK 

IFI  Institute  of  Advanced 
Microelectronics 
ATTN:  Prof  Patrick  Fity.pauick 
NMRC,  Cork 
Ireland 

University  of  Bristol 

Centre  for  Communication  Research 

Faculty  of  Engineering 

ATTN:  Prof  Graham  H.  Norton 

UK 

Universtity  of  Waterloo 
Department  of  Electrical  Engineering 
ATTN:  Prof  Ian  F.  Blake 
Waterloo,  Ontario,  N2L  3G I 
Canada 

Waseda  University 
Department  of  Industrial 
Engineering 

ATTN:  Prof  Shigcichi  Hirasawa 
3-4-1  Ohkubo,  Shinjuku-ku 
Tokyo  160 
Japan 

Toyoashi  University  of  Technology 
Department  of  Knowledge-Based 
Information  Engineering 
ATTN:  Prof  Shojiro  Sakata 
Tempaku,  Toyohashi  440 
Japan 
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